X-Git-Url: http://git.iain.cx/?a=blobdiff_plain;f=service.cpp;h=5b10233230686f43a537eb4c1989f6db91404cc0;hb=0dfa0fdb3a851b1ff69a0f0b308a3e1371286a57;hp=284b5ec206b0f0a31c00a8a51fbcc6cdf4805205;hpb=54438652fac1f4f8dc6120bbfa8aac766aa656d3;p=nssm.git diff --git a/service.cpp b/service.cpp index 284b5ec..5b10233 100644 --- a/service.cpp +++ b/service.cpp @@ -1,8 +1,5 @@ #include "nssm.h" -/* This is explicitly a wide string. */ -#define NSSM_LOGON_AS_SERVICE_RIGHT L"SeServiceLogonRight" - bool is_admin; bool use_critical_section; @@ -256,8 +253,8 @@ static unsigned long WINAPI shutdown_service(void *arg) { } /* Connect to the service manager */ -SC_HANDLE open_service_manager() { - SC_HANDLE ret = OpenSCManager(0, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS); +SC_HANDLE open_service_manager(unsigned long access) { + SC_HANDLE ret = OpenSCManager(0, SERVICES_ACTIVE_DATABASE, access); if (! ret) { if (is_admin) log_event(EVENTLOG_ERROR_TYPE, NSSM_EVENT_OPENSCMANAGER_FAILED, 0); return 0; @@ -267,14 +264,15 @@ SC_HANDLE open_service_manager() { } /* Open a service by name or display name. */ -SC_HANDLE open_service(SC_HANDLE services, TCHAR *service_name, TCHAR *canonical_name, unsigned long canonical_namelen) { - SC_HANDLE service_handle = OpenService(services, service_name, SERVICE_ALL_ACCESS); +SC_HANDLE open_service(SC_HANDLE services, TCHAR *service_name, unsigned long access, TCHAR *canonical_name, unsigned long canonical_namelen) { + SC_HANDLE service_handle = OpenService(services, service_name, access); if (service_handle) { if (canonical_name && canonical_name != service_name) { - if (_sntprintf_s(canonical_name, canonical_namelen, _TRUNCATE, _T("%s"), service_name) < 0) { - print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("canonical_name"), _T("open_service()")); - return 0; - } + TCHAR displayname[SERVICE_NAME_LENGTH]; + unsigned long displayname_len = (unsigned long) _countof(displayname); + GetServiceDisplayName(services, service_name, displayname, &displayname_len); + unsigned long keyname_len = canonical_namelen; + GetServiceKeyName(services, displayname, canonical_name, &keyname_len); } return service_handle; } @@ -334,7 +332,7 @@ SC_HANDLE open_service(SC_HANDLE services, TCHAR *service_name, TCHAR *canonical } HeapFree(GetProcessHeap(), 0, status); - return open_service(services, canonical_name, 0, 0); + return open_service(services, canonical_name, access, 0, 0); } } @@ -342,7 +340,7 @@ SC_HANDLE open_service(SC_HANDLE services, TCHAR *service_name, TCHAR *canonical } /* Recurse so we can get an error message. */ - return open_service(services, service_name, 0, 0); + return open_service(services, service_name, access, 0, 0); } QUERY_SERVICE_CONFIG *query_service_config(const TCHAR *service_name, SC_HANDLE service_handle) { @@ -373,6 +371,185 @@ QUERY_SERVICE_CONFIG *query_service_config(const TCHAR *service_name, SC_HANDLE return qsc; } +int set_service_dependencies(const TCHAR *service_name, SC_HANDLE service_handle, TCHAR *buffer) { + TCHAR *dependencies = _T(""); + unsigned long num_dependencies = 0; + + if (buffer && buffer[0]) { + SC_HANDLE services = open_service_manager(SC_MANAGER_CONNECT | SC_MANAGER_ENUMERATE_SERVICE); + if (! services) { + print_message(stderr, NSSM_MESSAGE_OPEN_SERVICE_MANAGER_FAILED); + return 1; + } + + /* + Count the dependencies then allocate a buffer big enough for their + canonical names, ie n * SERVICE_NAME_LENGTH. + */ + TCHAR *s; + TCHAR *groups = 0; + for (s = buffer; *s; s++) { + num_dependencies++; + if (*s == SC_GROUP_IDENTIFIER) groups = s; + while (*s) s++; + } + + /* At least one dependency is a group so we need to verify them. */ + if (groups) { + HKEY key; + if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, NSSM_REGISTRY_GROUPS, 0, KEY_READ, &key)) { + _ftprintf(stderr, _T("%s: %s\n"), NSSM_REGISTRY_GROUPS, error_string(GetLastError())); + return 2; + } + + unsigned long type; + unsigned long groupslen; + unsigned long ret = RegQueryValueEx(key, NSSM_REG_GROUPS, 0, &type, NULL, &groupslen); + if (ret == ERROR_SUCCESS) { + groups = (TCHAR *) HeapAlloc(GetProcessHeap(), 0, groupslen); + if (! groups) { + print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("groups"), _T("set_service_dependencies()")); + return 3; + } + + ret = RegQueryValueEx(key, NSSM_REG_GROUPS, 0, &type, (unsigned char *) groups, &groupslen); + if (ret != ERROR_SUCCESS) { + _ftprintf(stderr, _T("%s\\%s: %s"), NSSM_REGISTRY_GROUPS, NSSM_REG_GROUPS, error_string(GetLastError())); + HeapFree(GetProcessHeap(), 0, groups); + RegCloseKey(key); + return 4; + } + } + else if (ret != ERROR_FILE_NOT_FOUND) { + _ftprintf(stderr, _T("%s\\%s: %s"), NSSM_REGISTRY_GROUPS, NSSM_REG_GROUPS, error_string(GetLastError())); + RegCloseKey(key); + return 4; + } + + RegCloseKey(key); + + } + + unsigned long dependencieslen = (num_dependencies * SERVICE_NAME_LENGTH) + 2; + dependencies = (TCHAR *) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dependencieslen * sizeof(TCHAR)); + size_t i = 0; + + TCHAR dependency[SERVICE_NAME_LENGTH]; + for (s = buffer; *s; s++) { + /* Group? */ + if (*s == SC_GROUP_IDENTIFIER) { + TCHAR *group = s + 1; + + bool ok = false; + if (*group) { + for (TCHAR *g = groups; *g; g++) { + if (str_equiv(g, group)) { + ok = true; + /* Set canonical name. */ + memmove(group, g, _tcslen(g) * sizeof(TCHAR)); + break; + } + + while (*g) g++; + } + } + + if (ok) _sntprintf_s(dependency, _countof(dependency), _TRUNCATE, _T("%s"), s); + else { + HeapFree(GetProcessHeap(), 0, dependencies); + if (groups) HeapFree(GetProcessHeap(), 0, groups); + _ftprintf(stderr, _T("%s: %s"), s, error_string(ERROR_SERVICE_DEPENDENCY_DELETED)); + return 5; + } + } + else { + SC_HANDLE dependency_handle = open_service(services, s, SERVICE_QUERY_STATUS, dependency, _countof(dependency)); + if (! dependency_handle) { + HeapFree(GetProcessHeap(), 0, dependencies); + if (groups) HeapFree(GetProcessHeap(), 0, groups); + CloseServiceHandle(services); + _ftprintf(stderr, _T("%s: %s"), s, error_string(ERROR_SERVICE_DEPENDENCY_DELETED)); + return 5; + } + } + + size_t len = _tcslen(dependency) + 1; + memmove(dependencies + i, dependency, len * sizeof(TCHAR)); + i += len; + + while (*s) s++; + } + + if (groups) HeapFree(GetProcessHeap(), 0, groups); + CloseServiceHandle(services); + } + + if (! ChangeServiceConfig(service_handle, SERVICE_NO_CHANGE, SERVICE_NO_CHANGE, SERVICE_NO_CHANGE, 0, 0, 0, dependencies, 0, 0, 0)) { + if (num_dependencies) HeapFree(GetProcessHeap(), 0, dependencies); + print_message(stderr, NSSM_MESSAGE_CHANGESERVICECONFIG_FAILED, error_string(GetLastError())); + return -1; + } + + if (num_dependencies) HeapFree(GetProcessHeap(), 0, dependencies); + return 0; +} + +int get_service_dependencies(const TCHAR *service_name, SC_HANDLE service_handle, TCHAR **buffer, unsigned long *bufsize, int type) { + if (! buffer) return 1; + if (! bufsize) return 2; + + *buffer = 0; + *bufsize = 0; + + QUERY_SERVICE_CONFIG *qsc = query_service_config(service_name, service_handle); + if (! qsc) return 3; + + if (! qsc->lpDependencies) return 0; + if (! qsc->lpDependencies[0]) return 0; + + /* lpDependencies is doubly NULL terminated. */ + while (qsc->lpDependencies[*bufsize]) { + while (qsc->lpDependencies[*bufsize]) ++*bufsize; + ++*bufsize; + } + + *bufsize += 2; + + *buffer = (TCHAR *) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, *bufsize * sizeof(TCHAR)); + if (! *buffer) { + *bufsize = 0; + print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("lpDependencies"), _T("get_service_dependencies()")); + return 4; + } + + if (type == DEPENDENCY_ALL) memmove(*buffer, qsc->lpDependencies, *bufsize * sizeof(TCHAR)); + else { + TCHAR *s; + size_t i = 0; + *bufsize = 0; + for (s = qsc->lpDependencies; *s; s++) { + /* Only copy the appropriate type of dependency. */ + if ((*s == SC_GROUP_IDENTIFIER && type & DEPENDENCY_GROUPS) || (*s != SC_GROUP_IDENTIFIER && type & DEPENDENCY_SERVICES)) { + size_t len = _tcslen(s) + 1; + *bufsize += (unsigned long) len; + memmove(*buffer + i, s, len * sizeof(TCHAR)); + i += len; + } + + while (*s) s++; + } + ++*bufsize; + } + + HeapFree(GetProcessHeap(), 0, qsc); + + return 0; +} + +int get_service_dependencies(const TCHAR *service_name, SC_HANDLE service_handle, TCHAR **buffer, unsigned long *bufsize) { + return get_service_dependencies(service_name, service_handle, buffer, bufsize, DEPENDENCY_ALL); +} + int set_service_description(const TCHAR *service_name, SC_HANDLE service_handle, TCHAR *buffer) { SERVICE_DESCRIPTION description; ZeroMemory(&description, sizeof(description)); @@ -475,165 +652,20 @@ int get_service_username(const TCHAR *service_name, const QUERY_SERVICE_CONFIG * if (! qsc) return 1; - if (str_equiv(qsc->lpServiceStartName, NSSM_LOCALSYSTEM_ACCOUNT)) return 0; - - size_t len = _tcslen(qsc->lpServiceStartName); - *username = (TCHAR *) HeapAlloc(GetProcessHeap(), 0, (len + 1) * sizeof(TCHAR)); - if (! *username) { - print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("username"), _T("get_service_username()")); - return 2; - } - - memmove(*username, qsc->lpServiceStartName, (len + 1) * sizeof(TCHAR)); - *usernamelen = len; - - return 0; -} - -int grant_logon_as_service(const TCHAR *username) { - if (! username) return 0; - if (str_equiv(username, NSSM_LOCALSYSTEM_ACCOUNT)) return 0; + if (qsc->lpServiceStartName[0]) { + if (is_localsystem(qsc->lpServiceStartName)) return 0; - /* Open Policy object. */ - LSA_OBJECT_ATTRIBUTES attributes; - ZeroMemory(&attributes, sizeof(attributes)); - - LSA_HANDLE policy; - - NTSTATUS status = LsaOpenPolicy(0, &attributes, POLICY_ALL_ACCESS, &policy); - if (status) { - print_message(stderr, NSSM_MESSAGE_LSAOPENPOLICY_FAILED, error_string(LsaNtStatusToWinError(status))); - return 1; - } - - /* Look up SID for the account. */ - LSA_UNICODE_STRING lsa_username; -#ifdef UNICODE - lsa_username.Buffer = (wchar_t *) username; - lsa_username.Length = (unsigned short) _tcslen(username) * sizeof(TCHAR); - lsa_username.MaximumLength = lsa_username.Length + sizeof(TCHAR); -#else - size_t buflen; - mbstowcs_s(&buflen, NULL, 0, username, _TRUNCATE); - lsa_username.MaximumLength = (unsigned short) buflen * sizeof(wchar_t); - lsa_username.Length = lsa_username.MaximumLength - sizeof(wchar_t); - lsa_username.Buffer = (wchar_t *) HeapAlloc(GetProcessHeap(), 0, lsa_username.MaximumLength); - if (lsa_username.Buffer) mbstowcs_s(&buflen, lsa_username.Buffer, lsa_username.MaximumLength, username, _TRUNCATE); - else { - LsaClose(policy); - print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("LSA_UNICODE_STRING"), _T("grant_logon_as_service()")); - return 2; - } -#endif - - LSA_REFERENCED_DOMAIN_LIST *translated_domains; - LSA_TRANSLATED_SID *translated_sid; - status = LsaLookupNames(policy, 1, &lsa_username, &translated_domains, &translated_sid); -#ifndef UNICODE - HeapFree(GetProcessHeap(), 0, lsa_username.Buffer); -#endif - if (status) { - LsaFreeMemory(translated_domains); - LsaFreeMemory(translated_sid); - LsaClose(policy); - print_message(stderr, NSSM_MESSAGE_LSALOOKUPNAMES_FAILED, username, error_string(LsaNtStatusToWinError(status))); - return 3; - } - - if (translated_sid->Use != SidTypeUser) { - LsaFreeMemory(translated_domains); - LsaFreeMemory(translated_sid); - LsaClose(policy); - print_message(stderr, NSSM_GUI_INVALID_USERNAME, username); - return 4; - } - - LSA_TRUST_INFORMATION *trust = &translated_domains->Domains[translated_sid->DomainIndex]; - if (! trust || ! IsValidSid(trust->Sid)) { - LsaFreeMemory(translated_domains); - LsaFreeMemory(translated_sid); - LsaClose(policy); - print_message(stderr, NSSM_GUI_INVALID_USERNAME, username); - return 4; - } - - /* GetSidSubAuthority*() return pointers! */ - unsigned char *n = GetSidSubAuthorityCount(trust->Sid); - - /* Convert translated SID to SID. */ - SID *sid = (SID *) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, GetSidLengthRequired(*n + 1)); - if (! sid) { - LsaFreeMemory(translated_domains); - LsaFreeMemory(translated_sid); - LsaClose(policy); - print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("SID"), _T("grant_logon_as_service")); - return 4; - } - - unsigned long error; - if (! InitializeSid(sid, GetSidIdentifierAuthority(trust->Sid), *n + 1)) { - error = GetLastError(); - HeapFree(GetProcessHeap(), 0, sid); - LsaFreeMemory(translated_domains); - LsaFreeMemory(translated_sid); - LsaClose(policy); - print_message(stderr, NSSM_MESSAGE_INITIALIZESID_FAILED, username, error_string(error)); - return 5; - } - - for (unsigned char i = 0; i <= *n; i++) { - unsigned long *sub = GetSidSubAuthority(sid, i); - if (i < *n) *sub = *GetSidSubAuthority(trust->Sid, i); - else *sub = translated_sid->RelativeId; - } - - LsaFreeMemory(translated_domains); - LsaFreeMemory(translated_sid); - - /* Check if the SID has the "Log on as a service" right. */ - LSA_UNICODE_STRING lsa_right; - lsa_right.Buffer = NSSM_LOGON_AS_SERVICE_RIGHT; - lsa_right.Length = (unsigned short) wcslen(lsa_right.Buffer) * sizeof(wchar_t); - lsa_right.MaximumLength = lsa_right.Length + sizeof(wchar_t); - - LSA_UNICODE_STRING *rights; - unsigned long count = ~0; - status = LsaEnumerateAccountRights(policy, sid, &rights, &count); - if (status) { - /* - If the account has no rights set LsaEnumerateAccountRights() will return - STATUS_OBJECT_NAME_NOT_FOUND and set count to 0. - */ - error = LsaNtStatusToWinError(status); - if (error != ERROR_FILE_NOT_FOUND) { - HeapFree(GetProcessHeap(), 0, sid); - LsaClose(policy); - print_message(stderr, NSSM_MESSAGE_LSAENUMERATEACCOUNTRIGHTS_FAILED, username, error_string(error)); - return 4; + size_t len = _tcslen(qsc->lpServiceStartName); + *username = (TCHAR *) HeapAlloc(GetProcessHeap(), 0, (len + 1) * sizeof(TCHAR)); + if (! *username) { + print_message(stderr, NSSM_MESSAGE_OUT_OF_MEMORY, _T("username"), _T("get_service_username()")); + return 2; } - } - for (unsigned long i = 0; i < count; i++) { - if (rights[i].Length != lsa_right.Length) continue; - if (_wcsnicmp(rights[i].Buffer, lsa_right.Buffer, lsa_right.MaximumLength)) continue; - /* The SID has the right. */ - HeapFree(GetProcessHeap(), 0, sid); - LsaFreeMemory(rights); - LsaClose(policy); - return 0; - } - LsaFreeMemory(rights); - - /* Add the right. */ - status = LsaAddAccountRights(policy, sid, &lsa_right, 1); - HeapFree(GetProcessHeap(), 0, sid); - LsaClose(policy); - if (status) { - print_message(stderr, NSSM_MESSAGE_LSAADDACCOUNTRIGHTS_FAILED, error_string(LsaNtStatusToWinError(status))); - return 5; + memmove(*username, qsc->lpServiceStartName, (len + 1) * sizeof(TCHAR)); + *usernamelen = len; } - print_message(stdout, NSSM_MESSAGE_GRANTED_LOGON_AS_SERVICE, username); return 0; } @@ -674,9 +706,10 @@ void cleanup_nssm_service(nssm_service_t *service) { SecureZeroMemory(service->password, service->passwordlen); HeapFree(GetProcessHeap(), 0, service->password); } + if (service->dependencies) HeapFree(GetProcessHeap(), 0, service->dependencies); if (service->env) HeapFree(GetProcessHeap(), 0, service->env); if (service->env_extra) HeapFree(GetProcessHeap(), 0, service->env_extra); - if (service->handle) CloseServiceHandle(service->handle); + if (service->handle) CloseHandle(service->handle); if (service->process_handle) CloseHandle(service->process_handle); if (service->wait_handle) UnregisterWait(service->process_handle); if (service->throttle_section_initialised) DeleteCriticalSection(&service->throttle_section); @@ -791,6 +824,10 @@ int pre_edit_service(int argc, TCHAR **argv) { additional = argv[3]; remainder = 4; } + else if (str_equiv(setting->name, NSSM_NATIVE_OBJECTNAME) && mode == MODE_SETTING) { + additional = argv[3]; + remainder = 4; + } else { additional = argv[remainder]; if (argc < mandatory) return usage(1); @@ -801,14 +838,16 @@ int pre_edit_service(int argc, TCHAR **argv) { _sntprintf_s(service->name, _countof(service->name), _TRUNCATE, _T("%s"), service_name); /* Open service manager */ - SC_HANDLE services = open_service_manager(); + SC_HANDLE services = open_service_manager(SC_MANAGER_CONNECT | SC_MANAGER_ENUMERATE_SERVICE); if (! services) { print_message(stderr, NSSM_MESSAGE_OPEN_SERVICE_MANAGER_FAILED); return 2; } /* Try to open the service */ - service->handle = open_service(services, service->name, service->name, _countof(service->name)); + unsigned long access = SERVICE_QUERY_CONFIG; + if (mode != MODE_GETTING) access |= SERVICE_CHANGE_CONFIG; + service->handle = open_service(services, service->name, access, service->name, _countof(service->name)); if (! service->handle) { CloseServiceHandle(services); return 3; @@ -870,6 +909,14 @@ int pre_edit_service(int argc, TCHAR **argv) { } } + if (get_service_dependencies(service->name, service->handle, &service->dependencies, &service->dependencieslen)) { + if (mode != MODE_GETTING) { + CloseHandle(service->handle); + CloseServiceHandle(services); + return 7; + } + } + /* Get NSSM details. */ get_parameters(service, 0); @@ -933,6 +980,9 @@ int pre_edit_service(int argc, TCHAR **argv) { /* Unset the parameter. */ value.string = 0; } + else if (remainder == argc) { + value.string = 0; + } else { /* Set the parameter. */ size_t len = 0; @@ -1008,7 +1058,7 @@ int install_service(nssm_service_t *service) { if (! service) return 1; /* Open service manager */ - SC_HANDLE services = open_service_manager(); + SC_HANDLE services = open_service_manager(SC_MANAGER_CONNECT | SC_MANAGER_CREATE_SERVICE); if (! services) { print_message(stderr, NSSM_MESSAGE_OPEN_SERVICE_MANAGER_FAILED); cleanup_nssm_service(service); @@ -1077,16 +1127,26 @@ int edit_service(nssm_service_t *service, bool editing) { } else if (editing) username = NSSM_LOCALSYSTEM_ACCOUNT; - if (grant_logon_as_service(username)) { - print_message(stderr, NSSM_MESSAGE_GRANT_LOGON_AS_SERVICE_FAILED, username); - return 5; + if (well_known_username(username)) password = _T(""); + else { + if (grant_logon_as_service(username)) { + print_message(stderr, NSSM_MESSAGE_GRANT_LOGON_AS_SERVICE_FAILED, username); + return 5; + } } - if (! ChangeServiceConfig(service->handle, service->type, startup, SERVICE_NO_CHANGE, 0, 0, 0, 0, username, password, service->displayname)) { + TCHAR *dependencies = _T(""); + if (service->dependencieslen) dependencies = 0; /* Change later. */ + + if (! ChangeServiceConfig(service->handle, service->type, startup, SERVICE_NO_CHANGE, 0, 0, 0, dependencies, username, password, service->displayname)) { print_message(stderr, NSSM_MESSAGE_CHANGESERVICECONFIG_FAILED, error_string(GetLastError())); return 5; } + if (service->dependencieslen) { + if (set_service_dependencies(service->name, service->handle, service->dependencies)) return 5; + } + if (service->description[0] || editing) { set_service_description(service->name, service->handle, service->description); } @@ -1124,13 +1184,33 @@ int control_service(unsigned long control, int argc, TCHAR **argv) { TCHAR *service_name = argv[0]; TCHAR canonical_name[SERVICE_NAME_LENGTH]; - SC_HANDLE services = open_service_manager(); + SC_HANDLE services = open_service_manager(SC_MANAGER_CONNECT | SC_MANAGER_ENUMERATE_SERVICE); if (! services) { print_message(stderr, NSSM_MESSAGE_OPEN_SERVICE_MANAGER_FAILED); return 2; } - SC_HANDLE service_handle = open_service(services, service_name, canonical_name, _countof(canonical_name)); + unsigned long access = SERVICE_QUERY_STATUS; + switch (control) { + case NSSM_SERVICE_CONTROL_START: + access |= SERVICE_START; + break; + + case SERVICE_CONTROL_CONTINUE: + case SERVICE_CONTROL_PAUSE: + access |= SERVICE_PAUSE_CONTINUE; + break; + + case SERVICE_CONTROL_STOP: + access |= SERVICE_STOP; + break; + + case NSSM_SERVICE_CONTROL_ROTATE: + access |= SERVICE_USER_DEFINED_CONTROL; + break; + } + + SC_HANDLE service_handle = open_service(services, service_name, access, canonical_name, _countof(canonical_name)); if (! service_handle) { CloseServiceHandle(services); return 3; @@ -1228,14 +1308,14 @@ int remove_service(nssm_service_t *service) { if (! service) return 1; /* Open service manager */ - SC_HANDLE services = open_service_manager(); + SC_HANDLE services = open_service_manager(SC_MANAGER_CONNECT | SC_MANAGER_ENUMERATE_SERVICE); if (! services) { print_message(stderr, NSSM_MESSAGE_OPEN_SERVICE_MANAGER_FAILED); return 2; } /* Try to open the service */ - service->handle = open_service(services, service->name, service->name, _countof(service->name)); + service->handle = open_service(services, service->name, DELETE, service->name, _countof(service->name)); if (! service->handle) { CloseServiceHandle(services); return 3; @@ -1305,9 +1385,9 @@ void WINAPI service_main(unsigned long argc, TCHAR **argv) { /* Try to create the exit action parameters; we don't care if it fails */ create_exit_action(service->name, exit_action_strings[0], false); - SC_HANDLE services = open_service_manager(); + SC_HANDLE services = open_service_manager(SC_MANAGER_CONNECT); if (services) { - service->handle = OpenService(services, service->name, SC_MANAGER_ALL_ACCESS); + service->handle = open_service(services, service->name, SERVICE_CHANGE_CONFIG, 0, 0); set_service_recovery(service); CloseServiceHandle(services); } @@ -1517,7 +1597,6 @@ int start_service(nssm_service_t *service) { TCHAR cmd[CMD_LENGTH]; if (_sntprintf_s(cmd, _countof(cmd), _TRUNCATE, _T("\"%s\" %s"), service->exe, service->flags) < 0) { log_event(EVENTLOG_ERROR_TYPE, NSSM_EVENT_OUT_OF_MEMORY, _T("command line"), _T("start_service"), 0); - close_output_handles(&si); return stop_service(service, 2, true, true); } @@ -1527,6 +1606,14 @@ int start_service(nssm_service_t *service) { if (service->env) duplicate_environment(service->env); if (service->env_extra) set_environment_block(service->env_extra); + /* Set up I/O redirection. */ + if (get_output_handles(service, &si)) { + log_event(EVENTLOG_ERROR_TYPE, NSSM_EVENT_GET_OUTPUT_HANDLES_FAILED, service->name, 0); + if (! service->no_console) FreeConsole(); + close_output_handles(&si); + return stop_service(service, 4, true, true); + } + bool inherit_handles = false; if (si.dwFlags & STARTF_USESTDHANDLES) inherit_handles = true; unsigned long flags = service->priority & priority_mask(); @@ -1546,6 +1633,8 @@ int start_service(nssm_service_t *service) { close_output_handles(&si); + if (! service->no_console) FreeConsole(); + /* Restore our environment. */ duplicate_environment(service->initial_env); @@ -1671,15 +1760,18 @@ void CALLBACK end_service(void *arg, unsigned char why) { service->rotate_stdout_online = service->rotate_stderr_online = NSSM_ROTATE_OFFLINE; + /* Use now as a dummy exit time. */ + GetSystemTimeAsFileTime(&service->exit_time); + /* Check exit code */ unsigned long exitcode = 0; TCHAR code[16]; if (service->process_handle) { GetExitCodeProcess(service->process_handle, &exitcode); - if (exitcode == STILL_ACTIVE || get_process_exit_time(service->process_handle, &service->exit_time)) GetSystemTimeAsFileTime(&service->exit_time); + /* Check real exit time. */ + if (exitcode != STILL_ACTIVE) get_process_exit_time(service->process_handle, &service->exit_time); CloseHandle(service->process_handle); } - else GetSystemTimeAsFileTime(&service->exit_time); service->process_handle = 0;